This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/heKnF0nPw3navL7mvVdrP7ZenfE.roa File: heKnF0nPw3navL7mvVdrP7ZenfE.roa (raw, json) Hash identifier: SN8nxNReThCLTC+u68FN/Bqg6og3YUjtGA8xvnnpO7A= Subject key identifier: 85:E2:A7:17:49:CF:C3:79:DA:BC:BE:E6:BD:57:6B:3F:B6:5E:9D:F1 Certificate issuer: /CN=86ee201c65d655ee9cfe251f951ea91bba154567 Certificate serial: 019B7834D91A8EB226EFE5FC3B969FF0D3E5 Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/heKnF0nPw3navL7mvVdrP7ZenfE.roa Signing time: Thu 01 Jan 2026 06:18:07 +0000 ROA not before: Thu 01 Jan 2026 06:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43054 IP address blocks: 80.91.219.0/24 maxlen: 24 185.225.27.0/24 maxlen: 24 188.190.113.0/24 maxlen: 24 193.41.32.0/24 maxlen: 24 193.200.214.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.mft rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:d9:1a:8e:b2:26:ef:e5:fc:3b:96:9f:f0:d3:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567 Validity Not Before: Jan 1 06:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85e2a71749cfc379dabcbee6bd576b3fb65e9df1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:20:31:46:1c:1f:29:82:a4:c0:c4:ca:12:be: 1d:24:da:cd:08:52:67:d9:c6:c0:2f:16:39:56:68: 3a:f6:7d:9e:90:0e:13:72:93:25:e6:f9:44:e1:77: b0:08:12:fa:62:8d:0d:07:06:b5:53:e5:bf:93:98: 4e:88:67:b8:e7:0a:1b:92:f3:42:ce:f6:3b:8d:ae: 46:60:4a:cf:ff:b3:9a:b1:64:f2:fb:cd:3f:55:0b: 6e:54:b7:64:ce:ec:c9:40:4a:f6:84:5b:ad:2a:8e: 60:8c:e9:a0:78:15:39:69:95:ef:c6:ce:09:b4:52: e9:dd:56:09:50:9d:ac:bc:5f:38:e4:2b:52:96:bf: 35:01:01:f2:41:cf:79:cc:a0:a2:b4:be:46:c4:f6: 93:c4:82:e6:25:93:f5:c6:7c:0a:5c:eb:9b:2b:61: 3e:50:75:ce:2c:9a:bf:fe:c6:1d:21:0e:83:ce:d2: 53:00:e7:7d:28:39:c9:0b:c7:97:9a:4a:83:2a:25: ce:33:69:9c:64:7b:c2:d1:22:7f:94:03:5e:49:df: 9a:c0:ee:ca:6b:7b:b5:ca:2a:dc:a7:c4:78:03:82: 96:f0:f5:ca:72:b6:b3:e6:28:3c:57:76:34:b5:5a: 68:d6:fa:6a:a5:11:24:12:7d:34:3d:89:5b:98:f4: 90:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:E2:A7:17:49:CF:C3:79:DA:BC:BE:E6:BD:57:6B:3F:B6:5E:9D:F1 X509v3 Authority Key Identifier: keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/heKnF0nPw3navL7mvVdrP7ZenfE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.91.219.0/24 185.225.27.0/24 188.190.113.0/24 193.41.32.0/24 193.200.214.0/24 Signature Algorithm: sha256WithRSAEncryption b9:20:5e:85:a8:cf:81:0e:81:f8:a2:a5:1d:1c:6c:ab:bd:9f: 56:bc:01:27:e5:9e:c0:89:f6:2d:e8:86:65:b1:58:10:fe:da: 85:0b:d9:31:d7:26:f3:2d:ca:ff:d3:4b:d8:6a:7c:27:37:17: 0f:a6:cf:ab:e5:7a:9d:8f:9a:09:51:40:8d:9f:ae:5d:b5:cb: 97:f7:19:3e:e5:ac:b4:50:e2:f5:ab:fc:12:1c:8c:39:f4:42: 59:52:8d:fb:aa:91:c8:8e:a0:92:21:c3:8f:78:a0:88:d4:02: 8d:98:13:01:f7:6e:96:3c:d3:78:37:7e:c9:40:2c:10:b5:80: 24:77:c1:d2:24:62:03:1b:8f:39:86:9f:18:b7:0b:66:1f:83: 1b:02:8c:71:b8:b8:53:c4:a7:3b:e3:67:36:a2:3d:a1:82:06: 0b:8a:b7:4b:9c:99:bf:87:1f:e2:bd:1e:69:d3:76:fd:56:9f: 6c:ba:cb:03:06:e8:5e:60:42:cf:8e:19:ef:4c:ab:53:3d:21: 49:a3:28:36:d8:6a:6b:72:54:46:8e:c3:83:e3:92:1e:07:a0: 52:05:2a:cd:76:9f:f9:7d:e5:39:73:03:20:38:69:d9:a8:31: 56:9b:5d:f6:cc:91:45:7a:de:eb:e1:ba:8f:60:5b:90:c3:72: 91:e8:3c:5d -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt4NNkajrIm7+X8O5af8NPlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx NTQ1NjcwHhcNMjYwMTAxMDYxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWUyYTcxNzQ5Y2ZjMzc5ZGFiY2JlZTZiZDU3NmIzZmI2NWU5ZGYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSAxRhwfKYKkwMTKEr4dJNrNCFJn 2cbALxY5Vmg69n2ekA4TcpMl5vlE4XewCBL6Yo0NBwa1U+W/k5hOiGe45wobkvNC zvY7ja5GYErP/7OasWTy+80/VQtuVLdkzuzJQEr2hFutKo5gjOmgeBU5aZXvxs4J tFLp3VYJUJ2svF845CtSlr81AQHyQc95zKCitL5GxPaTxILmJZP1xnwKXOubK2E+ UHXOLJq//sYdIQ6DztJTAOd9KDnJC8eXmkqDKiXOM2mcZHvC0SJ/lANeSd+awO7K a3u1yircp8R4A4KW8PXKcraz5ig8V3Y0tVpo1vpqpREkEn00PYlbmPSQFQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFIXipxdJz8N52ry+5r1Xaz+2Xp3xMB8GA1UdIwQY MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt YThjYThlNGM3ZTc3LzEvaGVLbkYwblB3M25hdkw3bXZWZHJQN1plbmZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3 LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUFvbAwQA ueEbAwQAvL5xAwQAwSkgAwQAwcjWMA0GCSqGSIb3DQEBCwUAA4IBAQC5IF6FqM+B DoH4oqUdHGyrvZ9WvAEn5Z7AifYt6IZlsVgQ/tqFC9kx1ybzLcr/00vYanwnNxcP ps+r5Xqdj5oJUUCNn65dtcuX9xk+5ay0UOL1q/wSHIw59EJZUo37qpHIjqCSIcOP eKCI1AKNmBMB926WPNN4N37JQCwQtYAkd8HSJGIDG485hp8YtwtmH4MbAoxxuLhT xKc742c2oj2hggYLirdLnJm/hx/ivR5p03b9Vp9sussDBuheYELPjhnvTKtTPSFJ oyg22GprclRGjsOD45IeB6BSBSrNdp/5feU5cwMgOGnZqDFWm132zJFFet7r4bqP YFuQw3KR6Dxd -----END CERTIFICATE-----Generated at Mon Jan 26 03:27:54 2026 by rpki-client